Issue No.08 - Aug. (2012 vol.61)
pp: 1071-1083
P. Montuschi , Dipt. di Autom. e Inf. (DAUIN), Politec. di Torino, Torino, Italy
ABSTRACT
Modular exponentiation on large numbers is computationally intensive. An effective way of performing this operation consists of using Montgomery exponentiation in the Residue Number System (RNS). This paper presents an algorithmic and architectural study of this exponentiation approach. From the algorithmic point of view, new and state-of-the-art opportunities that come from the reorganization of operations and precomputations are considered. From the architectural perspective, the design opportunities offered by well-known computer arithmetic techniques are studied, with the aim of developing an efficient arithmetic cell architecture. Furthermore, since the use of efficient RNS bases with a low Hamming weight is being considered with ever more interest, four additional cell architectures specifically tailored to these bases are developed and the tradeoff between benefits and drawbacks is carefully explored. An overall comparison among all the considered algorithmic approaches and cell architectures is presented, with the aim of providing the reader with an extensive overview of the Montgomery exponentiation opportunities in RNS.
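The abstract describes Montgomery exponentiation carried out entirely in RNS: products are computed channel by channel in two coprime bases, the Montgomery quotient is formed in the first base, and base extensions move values between the bases so that the exact division by M = prod(B) becomes a multiplication by a precomputed inverse in the second base. The following is an added worked example, not code from the paper or its authors. It assumes a toy modulus N_TOY and two constructed RNS bases BASE_B and BASE_B2, and it uses an exact mixed-radix base extension (the paper studies faster base-extension variants and precomputation reorganizations that are not reproduced here).

```python
"""Added worked example: Montgomery multiplication and exponentiation in the
Residue Number System (RNS) with two coprime bases and an exact mixed-radix
base extension.  Constructed illustration; not the paper's own code."""
from math import gcd, prod


def to_rns(x, base):
    """Residues of the integer x in an RNS base (a list of pairwise coprime moduli)."""
    return [x % m for m in base]


def mrs_digits(residues, base):
    """Mixed-radix conversion: digits d with x = d[0] + d[1]*m0 + d[2]*m0*m1 + ...
    Every operation is modulo one small modulus, i.e. it stays channel-wise."""
    r = list(residues)
    digits = []
    for i, mi in enumerate(base):
        d = r[i]
        digits.append(d)
        for j in range(i + 1, len(base)):
            mj = base[j]
            r[j] = ((r[j] - d) * pow(mi, -1, mj)) % mj
    return digits


def from_rns(residues, base):
    """Reconstruct the integer x < prod(base) from its residues (read-out only)."""
    x, w = 0, 1
    for d, m in zip(mrs_digits(residues, base), base):
        x += d * w
        w *= m
    return x


def base_extend(residues, src, dst):
    """Exact base extension of x (x < prod(src)) from base src to base dst."""
    digits = mrs_digits(residues, src)
    out = []
    for m in dst:
        acc, w = 0, 1
        for d, ms in zip(digits, src):
            acc = (acc + d * w) % m
            w = (w * ms) % m
        out.append(acc)
    return out


class RnsMontgomery:
    """Montgomery arithmetic modulo N with Montgomery constant M = prod(B)."""

    def __init__(self, N, B, B2):
        self.N, self.B, self.B2 = N, B, B2
        self.M, self.M2 = prod(B), prod(B2)
        moduli = B + B2
        assert all(gcd(a, b) == 1 for i, a in enumerate(moduli) for b in moduli[i + 1:])
        # Bounds that keep every intermediate value below 2N and below M2.
        assert gcd(N, self.M) == 1 and 4 * N < self.M and 2 * N < self.M2
        # Precomputations: -N^{-1} in base B, N and M^{-1} in base B2.
        self.neg_ninv_B = [(-pow(N, -1, m)) % m for m in B]
        self.N_B2 = to_rns(N, B2)
        self.minv_B2 = [pow(self.M, -1, m) for m in B2]

    def encode(self, x):
        """An integer 0 <= x < 2N as residues in both bases."""
        return (to_rns(x, self.B), to_rns(x, self.B2))

    def mont_mul(self, a, b):
        """Return a*b*M^{-1} mod N as residues in (B, B2); the result is < 2N."""
        aB, aB2 = a
        bB, bB2 = b
        sB = [(x * y) % m for x, y, m in zip(aB, bB, self.B)]
        sB2 = [(x * y) % m for x, y, m in zip(aB2, bB2, self.B2)]
        # q = s * (-N^{-1}) mod M, channel-wise in base B, so that M divides s + qN.
        qB = [(s * c) % m for s, c, m in zip(sB, self.neg_ninv_B, self.B)]
        # Base extension B -> B2 (q < M, so the extension is exact).
        qB2 = base_extend(qB, self.B, self.B2)
        # r = (s + qN) / M is an integer; in base B2 it is (s + qN) * M^{-1}.
        rB2 = [((s + q * n) * mi) % m
               for s, q, n, mi, m in zip(sB2, qB2, self.N_B2, self.minv_B2, self.B2)]
        # Base extension B2 -> B restores the two-base representation (r < 2N < M2).
        rB = base_extend(rB2, self.B2, self.B)
        return (rB, rB2)

    def mont_exp(self, x, e):
        """x^e mod N by left-to-right square-and-multiply on Montgomery-form residues."""
        x_m = self.mont_mul(self.encode(x % self.N), self.encode(self.M * self.M % self.N))
        acc = self.encode(self.M % self.N)           # Montgomery form of 1
        for bit in bin(e)[2:]:
            acc = self.mont_mul(acc, acc)
            if bit == "1":
                acc = self.mont_mul(acc, x_m)
        out = self.mont_mul(acc, self.encode(1))     # strip the factor M
        return from_rns(out[0], self.B) % self.N


# Constructed parameters: a toy modulus and two pairwise coprime RNS bases.
N_TOY = 1019 * 1021
BASE_B = [251, 253, 255, 256]
BASE_B2 = [257, 259, 263, 269]


def demo(x=123456, e=65537):
    """Exponentiate in RNS and return the integer result modulo N_TOY."""
    return RnsMontgomery(N_TOY, BASE_B, BASE_B2).mont_exp(x, e)


if __name__ == "__main__":
    print(demo(), pow(123456, 65537, N_TOY))
```

The two base extensions per multiplication are the expensive step; the bound checks in the constructor (4N < M, 2N < M2) are what make the exact extension legitimate, since each value being extended is guaranteed smaller than the product of its source base.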
INDEX TERMS
residue number systems, Hamming weight, architectural study, algorithmic study, Montgomery exponentiation, RNS, residue number system, modular exponentiation, computer arithmetic techniques, arithmetic cell architecture, Computer architecture, Microprocessors, Algorithm design and analysis, Computers, Bismuth, Approximation methods, Delay, modular multiplication, Montgomery reduction
CITATION
P. Montuschi, "An Algorithmic and Architectural Study on Montgomery Exponentiation in RNS", IEEE Transactions on Computers, vol.61, no. 8, pp. 1071-1083, Aug. 2012, doi:10.1109/TC.2012.84
REFERENCES
[1] N. Szabo and R. Tanaka, Residue Arithmetic and Its Applications to Computer Technology. McGraw-Hill, 1967.
[2] P. Montgomery, "Modular Multiplication without Trial Division," Math. of Computation, vol. 44, no. 170, pp. 519-521, 1985.
[3] K. Posch and R. Posch, "Modulo Reduction in Residue Number Systems," IEEE Trans. Parallel and Distributed Systems, vol. 6, no. 5, pp. 449-454, May 1995.
[4] S. Kawamura, M. Koike, F. Sano, and A. Shimbo, "Cox-rower Architecture for Fast Parallel Montgomery Multiplication," Proc. Int'l Conf. Theory and Application of Cryptographic Techniques: Advances in Cryptology (EUROCRYPT '00), pp. 523-538, 2000.
[5] J.-C. Bajard and L. Imbert, "A Full RNS Implementation of RSA," IEEE Trans. Computers, vol. 53, no. 6, pp. 769-774, June 2004.
[6] H. Nozaki, M. Motoyama, A. Shimbo, and S. Kawamura, "Implementation of RSA Algorithm Based on RNS Montgomery Multiplication," Proc. Third Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '01), pp. 364-376, 2001.
[7] J.-C. Bajard, L.S. Didier, and P. Kornerup, "Modular Multiplication and Base Extensions in Residue Number Systems," Proc. 15th IEEE Symp. Computer Arithmetic, pp. 59-65, 2001.
[8] A. Shenoy and R. Kumaresan, "Fast Base Extension Using a Redundant Modulus in RNS," IEEE Trans. Computers, vol. 38, no. 2, pp. 292-297, Feb. 1989.
[9] F. Gandino, F. Lamberti, J.-C. Bajard, and P. Montuschi, "A General Approach for Improving RNS Montgomery Exponentiation Using Pre-Processing," ARITH '11: Proc. 20th IEEE Symp. Computer Arithmetic, July 2011.
[10] F. Gandino, F. Lamberti, J.-C. Bajard, and P. Montuschi, "Pre-Processing in RNS Montgomery Multiplication," technical report, 2010.
[11] N. Guillermin, "A High Speed Coprocessor for Elliptic Curve Scalar Multiplications over $F_p$," Proc. Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '10), pp. 48-64, 2010.
[12] N. Guillermin, "A Coprocessor for Secure and High Speed Modular Arithmetic," Report 2011/354, Cryptology ePrint Archive, 2011.
[13] J. Bajard, N. Meloni, and T. Plantard, "Efficient RNS Bases for Cryptography," IMACS '05: Proc. World Congress Scientific Computation, Applied Math. and Simulation, July 2005.
[14] J.C. Bajard, M. Kaihara, and T. Plantard, "Selected RNS Bases for Modular Multiplication," ARITH '09: Proc. 19th IEEE Symp. Computer Arithmetic, pp. 25-32, 2009.
[15] Algorithmic Algebraic Number Theory, M. Pohst and H. Zassenhaus, eds., ch. 2.2.5. Cambridge Univ. Press, 1989.
[16] S. Duquesne and N. Guillermin, "A FPGA Pairing Implementation Using the Residue Number System," Cryptology ePrint Archive, Report 2011/176, 2011.
[17] R. Cheung, S. Duquesne, J. Fan, N. Guillermin, I. Verbauwhede, and G. Yao, "FPGA Implementation of Pairings Using Residue Number System and Lazy Reduction," Proc. Int'l Conf. Cryptographic Hardware and Embedded Systems (CHES '11), B. Preneel and T. Takagi, eds., pp. 421-441, 2011.
[18] F. Gandino, F. Lamberti, G. Paravati, J.-C. Bajard, and P. Montuschi, "Investigation on Cell Architectures for RNS Montgomery Exponentiation," technical report, 2011.
[19] H. Wu, "On Modular Reduction," technical report, CACR, Univ. of Waterloo, 2000.